From a80959e765f514091d3ccfe256bb540a11522f67 Mon Sep 17 00:00:00 2001
From: MITSUNARI Shigeo <herumi@nifty.com>
Date: Sat, 5 Jan 2019 16:07:43 +0900
Subject: add blsVerifyPairing

---
 include/bls/bls.h  |  9 +++++++++
 src/bls_c_impl.hpp | 17 ++++++++++-------
 2 files changed, 19 insertions(+), 7 deletions(-)

diff --git a/include/bls/bls.h b/include/bls/bls.h
index b2c06f2..39cbf40 100644
--- a/include/bls/bls.h
+++ b/include/bls/bls.h
@@ -141,6 +141,15 @@ BLS_DLL_API int blsPublicKeyIsValidOrder(const blsPublicKey *pub);
 
 #ifndef BLS_MINIMUM_API
 
+/*
+	verify X == sY by checking e(X, sQ) = e(Y, Q)
+	@param X [in]
+	@param Y [in]
+	@param pub [in] pub = sQ
+	@return 1 if e(X, pub) = e(Y, Q) else 0
+*/
+BLS_DLL_API int blsVerifyPairing(const blsSignature *X, const blsSignature *Y, const blsPublicKey *pub);
+
 /*
 	sign the hash
 	use the low (bitSize of r) - 1 bit of h
diff --git a/src/bls_c_impl.hpp b/src/bls_c_impl.hpp
index 46b3aad..197c146 100644
--- a/src/bls_c_impl.hpp
+++ b/src/bls_c_impl.hpp
@@ -429,19 +429,22 @@ int blsSignHash(blsSignature *sig, const blsSecretKey *sec, const void *h, mclSi
 	return 0;
 }
 
-int blsVerifyHash(const blsSignature *sig, const blsPublicKey *pub, const void *h, mclSize size)
+int blsVerifyPairing(const blsSignature *X, const blsSignature *Y, const blsPublicKey *pub)
 {
 #ifdef BLS_SWAP_G
-	G2 Hm;
-	if (!toG(Hm, h, size)) return 0;
-	return isEqualTwoPairings(*cast(&sig->v), *cast(&pub->v), Hm);
+	return isEqualTwoPairings(*cast(&X->v), *cast(&pub->v), *cast(&Y->v));
 #else
-	G1 Hm;
-	if (!toG(Hm, h, size)) return 0;
-	return isEqualTwoPairings(*cast(&sig->v), getQcoeff().data(), Hm, *cast(&pub->v));
+	return isEqualTwoPairings(*cast(&X->v), getQcoeff().data(), *cast(&Y->v), *cast(&pub->v));
 #endif
 }
 
+int blsVerifyHash(const blsSignature *sig, const blsPublicKey *pub, const void *h, mclSize size)
+{
+	blsSignature Hm;
+	if (!toG(*cast(&Hm.v), h, size)) return 0;
+	return blsVerifyPairing(sig, &Hm, pub);
+}
+
 void blsSecretKeySub(blsSecretKey *sec, const blsSecretKey *rhs)
 {
 	*cast(&sec->v) -= *cast(&rhs->v);
-- 
cgit v1.2.3